Download
| Alert*
CVE-2016-4563
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possib ... CVE-2016-4562 The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impac ... CVE-2016-4564 The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified ot ... CVE-2016-5010 coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file. CVE-2016-5690 The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table. CVE-2016-5691 The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue. CVE-2016-6823 Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write. CVE-2016-6491 Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image. CVE-2016-5687 The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read. CVE-2016-5689 The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. CVE-2016-5688 The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid ... CVE-2016-5842 MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read. CVE-2016-7540 coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format. CVE-2016-7534 The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file. CVE-2016-7535 coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file. CVE-2016-7532 coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. CVE-2016-7533 The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file. CVE-2016-7530 The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file. CVE-2016-7531 MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file. CVE-2016-7538 coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. CVE-2016-7539 Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. CVE-2016-7536 magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile. CVE-2016-7537 MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. CVE-2016-7523 coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. CVE-2016-7524 coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. CVE-2016-7521 Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. CVE-2016-7522 The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. CVE-2016-7520 Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file. CVE-2016-7529 coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file. CVE-2016-7527 coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. CVE-2016-7528 The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file. CVE-2016-7525 Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. CVE-2016-7526 coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. CVE-2016-7513 Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors. CVE-2016-7518 The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file. CVE-2016-7519 The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. CVE-2016-7516 The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file. CVE-2016-7517 The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file. CVE-2016-7514 The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. CVE-2016-7515 The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels. CVE-2016-7101 The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. CVE-2014-8355 PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). CVE-2014-8354 The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. CVE-2014-8562 DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). CVE-2014-8716 The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash). CVE-2014-9849 The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). CVE-2014-9848 Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). CVE-2014-9845 The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. CVE-2014-9844 The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. CVE-2014-9847 The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. CVE-2014-9846 Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. CVE-2014-9841 The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." CVE-2014-9840 ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. CVE-2014-9843 The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. CVE-2014-9838 magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash). CVE-2014-9837 coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. CVE-2014-9839 magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). CVE-2014-9834 Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. CVE-2014-9833 Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. CVE-2014-9836 ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file. CVE-2014-9835 Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. CVE-2014-9830 coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file. CVE-2014-9831 coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file. CVE-2014-9826 ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files. CVE-2014-9829 coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file. CVE-2014-9828 coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. CVE-2014-9823 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. CVE-2014-9822 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. CVE-2014-9821 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. CVE-2014-9820 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. CVE-2014-9819 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. CVE-2014-9816 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. CVE-2014-9815 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. CVE-2014-9818 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. CVE-2014-9817 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. CVE-2014-9812 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. CVE-2014-9811 The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. CVE-2014-9814 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. CVE-2014-9813 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. CVE-2014-9810 The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. CVE-2014-9809 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. CVE-2014-9808 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. CVE-2014-9805 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. CVE-2014-9807 The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. CVE-2014-9806 ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. CVE-2014-9907 coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file. CVE-2014-9851 ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). CVE-2014-9854 coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." CVE-2014-9853 Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. CVE-2014-9850 Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). CVE-2015-8894 Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file. CVE-2015-8897 The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file. CVE-2015-8898 The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file. CVE-2015-8895 Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. CVE-2015-8896 Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. CVE-2015-8957 Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file. CVE-2015-8958 coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file. CVE-2015-8959 coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file. CVE-2015-8901 ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file. CVE-2015-8902 The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file. CVE-2015-8900 The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file. CVE-2015-8903 The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. CVE-2016-5841 Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. |